[Apiman-user] CORS
Fadi Abdin
fadiabdeen at gmail.com
Tue Aug 18 10:48:17 EDT 2015
I'm still working on it :( .. i had to give the network guys few ip
addresses to whitelist so i can mvn install .. ... almost there.
On Tue, Aug 18, 2015 at 9:46 AM, Marc Savy <marc.savy at redhat.com> wrote:
> My pleasure! Did it work?
>
> On 17/08/2015 16:38, Fadi Abdin wrote:
>
>> cool .. you're the man ;)
>>
>>
>> On Mon, Aug 17, 2015 at 11:37 AM, Marc Savy <marc.savy at redhat.com
>> <mailto:marc.savy at redhat.com>> wrote:
>>
>> I'm actually testing the fix right now. It will land both on the 1.2.x
>> branch and the 1.1.x branch shortly. You should be able to test it out
>> in a short while: I'll send you an email when it's available.
>>
>> On 17/08/2015 16:23, Fadi Abdin wrote:
>>
>> Thank you Marc,
>> Is there a work around that you can think of ?
>> I'm doing it with angularjs , very simple
>>
>> $http({method: 'GET', url: 'http://server/apiman-gateway/service
>> ',
>> headers: {
>> 'Authorization': 'Bearer XXXXXXXXXXXXX'}
>> });
>>
>> I assume you will fix it in the new version , right?
>>
>>
>>
>> On Mon, Aug 17, 2015 at 10:52 AM, Marc Savy
>> <marc.savy at redhat.com <mailto:marc.savy at redhat.com>
>> <mailto:marc.savy at redhat.com <mailto:marc.savy at redhat.com>>>
>> wrote:
>>
>> Hi,
>>
>> This is related to the JIRA I linked you to
>> (https://issues.jboss.org/browse/APIMAN-516). Because of
>> the way the
>> policy chain currently works the behaviour of CORS is
>> invalid in a
>> few very specific cases (e.g. when you stack it with an auth
>> policy). I'll let you know when it's fixed.
>>
>> Regards,
>> Marc
>>
>> On 17/08/2015 15:44, Fadi Abdin wrote:
>>
>> I have a problem in calling a service in apiman-gateway
>> with the
>> Authorization: Bearer <token> in the header.
>>
>> It seems to preflight OPTIONS and return
>>
>> 1.
>> X-Policy-Failure-Message:
>> OAuth2 'Authorization' header or 'access_token'
>> query
>> parameter must
>> be provided.
>>
>> I am sending the bearer token with the request and i
>> make sure
>> in the
>> preflight its sent in the request.
>>
>> 1.
>> Access-Control-Request-Headers:
>> accept, authorization
>>
>> Does anyone know if there Is something i'm missing ?
>> do i need
>> to get
>> authorization enabled or added anywhere ? as a side
>> note i have
>> below in
>> my api as well:
>>
>> response.setHeader("Access-Control-Allow-Headers",
>> "Authorization");
>>
>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
>> <mailto:Apiman-user at lists.jboss.org
>> <mailto:Apiman-user at lists.jboss.org>>
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20150818/0aafd30d/attachment-0001.html
More information about the Apiman-user
mailing list